Lucene search
K

9816 matches found

0day.today
0day.today
added 2013/01/21 12:0 a.m.40 views

Jenkins Script-Console Java Execution Vulnerability

Exploit for multiple platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

7.1AI score
Exploits0
Metasploit
Metasploit
added 2013/01/18 12:0 a.m.75 views

Polycom Command Shell Authorization Bypass

The login component of the Polycom Command Shell on Polycom HDX video endpoints, running software versions 3.0.5 and earlier, is vulnerable to an authorization bypass when simultaneous connections are made to the service, allowing remote network attackers to gain access to a sandboxed telnet prom...

4.8AI score
Exploits0
Packet Storm
Packet Storm
added 2013/01/18 12:0 a.m.34 views

Linksys WRT54GL 1.1 XSS / OS Command Injection

Device Name: Linksys WRT54GL v1.1 Vendor: Linksys/Cisco ============ Vulnerable Firmware Releases: ============ Firmware Version: 4.30.15 build 2, 01/20/2011 ============ Device Description: ============ The Router lets you access the Internet via a wireless connection, broadcast at up to 54 Mbps...

Exploits0
exploitpack
exploitpack
added 2013/01/18 12:0 a.m.25 views

Linksys WRT54GL Firmware 4.30.15 build 2 - Multiple Vulnerabilities

Linksys WRT54GL Firmware 4.30.15 build 2 - Multiple Vulnerabilities Device Name: Linksys WRT54GL v1.1 Vendor: Linksys/Cisco ============ Vulnerable Firmware Releases: ============ Firmware Version: 4.30.15 build 2, 01/20/2011 ============ Device Description: ============ The Router lets you acces...

7.6AI score
Exploits0
exploitpack
exploitpack
added 2013/01/18 12:0 a.m.16 views

Jenkins CI Script Console - Command Execution (Metasploit)

Jenkins CI Script Console - Command Execution Metasploit This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

7.6AI score
Exploits0
Exploit DB
Exploit DB
added 2013/01/18 12:0 a.m.19 views

Jenkins CI Script Console - Command Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Jenkins...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2013/01/09 12:0 a.m.17 views

MS System Center Operations Manager XSS Vulnerabilities (2748552)

This host is missing an important security update according to Microsoft Bulletin MS13-003. OpenVAS Vulnerability Test $Id: secpodms13-003.nasl 6520 2017-07-04 14:28:49Z cfischer $ MS System Center Operations Manager XSS Vulnerabilities 2748552 Authors: Rachana Shetty Copyright: Copyright c 2013...

4.3CVSS0.4AI score0.16618EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2012/12/17 12:0 a.m.6 views

PT-2025-31694 · NetGear · Netgear Routers

Name of the Vulnerable Software and Affected Versions: Netgear routers versions prior to 1.0.0.36 Description: An authenticated OS command injection vulnerability exists in Netgear routers. A remote attacker with valid credentials can execute arbitrary commands via crafted input to the ppoe...

9.4CVSS7.6AI score0.04547EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2012/12/14 12:0 a.m.7 views

PT-2025-31685 · D Link · D-Link Dir-300 Rev B +1

Name of the Vulnerable Software and Affected Versions: D-Link DIR-300 rev B versions prior to firmware 2.14b01 D-Link DIR-600 versions prior to firmware 2.14b01 D-Link DIR-600 versions prior to firmware 2.13 Description: An OS command injection vulnerability exists in various legacy D-Link router...

9.3CVSS8.1AI score0.12099EPSS
Exploits1References11
0day.today
0day.today
added 2012/12/12 12:0 a.m.79 views

Smartphone Pentest Framework 0.1.3 / 0.1.4 Command Injection

Smartphone Pentest Framework SPF versions 0.1.3 and 0.1.4 suffer from an OS command injection vulnerability. Product: Smartphone Pentest Framework SPF Vendor: Bulb Security LLC Vulnerable Versions: 0.1.3, 0.1.4 and probably prior Tested Versions: 0.1.3, 0.1.4 Vendor Notification: November 19, 201...

9.7AI score0.09296EPSS
Exploits5
CERT
CERT
added 2012/12/12 12:0 a.m.74 views

D-Link DSL2730U router restricted telnet shell command whitelisting bypass

Overview D-Link DSL2730U routers contain a restricted telnet shell with limited allowed commands. An authenticated attacker can chain unauthorized commands through authorized commands in order to bypass the command whitelisting. Description CWE-78: Improper Neutralization of Special Elements used...

4CVSS6.8AI score0.01501EPSS
Exploits0References1
securityvulns
securityvulns
added 2012/12/11 12:0 a.m.99 views

Multiple Command Execution Vulnerabilities in Smartphone Pentest Framework

Advisory ID: HTB23127 Product: Smartphone Pentest Framework SPF Vendor: Bulb Security LLC Vulnerable Versions: 0.1.3, 0.1.4 and probably prior Tested Versions: 0.1.3, 0.1.4 Vendor Notification: November 19, 2012 Public Disclosure: December 10, 2012 Vulnerability Type: OS Command Injection CWE-78...

6.8CVSS0.6AI score0.09296EPSS
Exploits5
Packet Storm
Packet Storm
added 2012/12/11 12:0 a.m.67 views

Smartphone Pentest Framework 0.1.3 / 0.1.4 Command Injection

Advisory ID: HTB23127 Product: Smartphone Pentest Framework SPF Vendor: Bulb Security LLC Vulnerable Versions: 0.1.3, 0.1.4 and probably prior Tested Versions: 0.1.3, 0.1.4 Vendor Notification: November 19, 2012 Public Disclosure: December 10, 2012 Vulnerability Type: OS Command Injection CWE-78...

6.8CVSS0.1AI score0.09296EPSS
Exploits5
0day.today
0day.today
added 2012/12/09 12:0 a.m.27 views

Nagios XI Network Monitor Graph Explorer Component Command Injection

Exploit for unix platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2012/12/09 12:0 a.m.25 views

Nagios XI Network Monitor Graph Explorer Component Command Injection

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Nagios XI Network...

Exploits0
Packet Storm
Packet Storm
added 2012/11/30 12:0 a.m.30 views

Nagios XI Network Monitor 2011R1.9 OS Command Injection

======= Summary ======= Name: Nagios XI Network Monitor - OS Command Injection Release Date: 30 November 2012 Reference: NGS00196 Discoverer: Daniel Compton Vendor: Nagios Vendor Reference: 0000283 Systems Affected: Nagios XI Network Monitor 2011R1.9 Risk: High Status: Published ======== TimeLine...

0.1AI score
Exploits0
Metasploit
Metasploit
added 2012/11/20 3:34 p.m.65 views

SAP /sap/bc/soap/rfc SOAP Service SXPG_COMMAND_EXEC Function Command Injection

This module makes use of the SXPGCOMMANDEXEC Remote Function Call, through the use of the /sap/bc/soap/rfc SOAP service, to inject and execute OS commands. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module i...

7.6AI score
Exploits0
securityvulns
securityvulns
added 2012/11/18 12:0 a.m.111 views

Multiple Vulnerabilities in Smartphone Pentest Framework (SPF)

Advisory ID: HTB23123 Product: Smartphone Pentest Framework SPF Vendor: Bulb Security LLC Vulnerable Versions: v0.1.2 and probably prior Tested Version: v0.1.2 Vendor Notification: October 24, 2012 Public Disclosure: November 14, 2012 Vulnerability Type: OS Command Injection CWE-78, SQL Injection...

6.8CVSS10AI score0.01664EPSS
Exploits7
Metasploit
Metasploit
added 2012/11/14 11:34 p.m.66 views

SAP /sap/bc/soap/rfc SOAP Service SXPG_CALL_SYSTEM Function Command Injection

This module makes use of the SXPGCALLSYSTEM Remote Function Call, through the use of the /sap/bc/soap/rfc SOAP service, to inject and execute OS commands. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework This module is...

0.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2012/11/11 12:0 a.m.5 views

PT-2025-31693 · D Link · Dlink Router

Name of the Vulnerable Software and Affected Versions: D-Link routers version 8.04 Description: An authenticated OS command injection vulnerability exists via the tools vct.htm endpoint. The web interface fails to sanitize input passed from the ping ipaddr parameter to the tools vct.htm diagnosti...

9CVSS8AI score0.1911EPSS
Exploits1References8
Rows per page
Query Builder